ISC CISSP-ISSAP Practice Test - Questions Answers, Page 15

Which of the following are natural environmental threats that an organization faces? Each correct answer represents a complete solution. Choose two.

A. Strikes
B. Floods
C. Accidents
D. Storms
Suggested answer: B, D

Which of the following keys are included in a certificate revocation list (CRL) of a public key infrastructure (PKI)? Each correct answer represents a complete solution. Choose two.

A. A foreign key
B. A private key
C. A public key
D. A primary key
Suggested answer: B, C

Which of the following SDLC phases consists of the given security controls: Misuse Case Modeling, Security Design and Architecture Review, Threat and Risk Modeling, Security Requirements and Test Cases Generation?

A. Design
B. Maintenance
C. Deployment
D. Requirements Gathering
Suggested answer: A

A company named Money Builders Inc. hires you to provide consultancy for setting up their Windows network. The company's server room will be in a highly secured environment. You are required to suggest an authentication method for it. The CFO of the company wants the server to use thumb impressions for authentication. Which of the following authentication methods will you suggest?

A. Certificate
B. Smart card
C. Two-factor
D. Biometrics
Suggested answer: D

You are the Security Consultant and have been contacted by a client regarding their encryption and hashing algorithms. Their in-house network administrator tells you that their current hashing algorithm is an older one with known weaknesses and is not collision resistant. Which algorithm are they most likely using for hashing?

A. PKI
B. SHA
C. Kerberos
D. MD5
Suggested answer: D

You work as a Network Administrator for Net Perfect Inc. The company has a Linux-based network. You need to configure a firewall for the company. The firewall should be able to keep track of the state of network connections traveling across the network. Which of the following types of firewalls will you configure to accomplish the task?

A. Stateful firewall
B. Host-based application firewall
C. A network-based application layer firewall
D. An application firewall
Suggested answer: A

Shoulder surfing is a type of in-person attack in which the attacker gathers information about the premises of an organization. This attack is often performed by looking surreptitiously at the keyboard of an employee's computer while he is typing in his password at any access point such as a terminal/Web site. Which of the following is violated in a shoulder surfing attack?

A. Integrity
B. Availability
C. Authenticity
D. Confidentiality
Suggested answer: D

Which of the following plans is designed to protect critical business processes from natural or man-made failures or disasters and the resultant loss of capital due to the unavailability of normal business processes?

A. Disaster recovery plan
B. Contingency plan
C. Business continuity plan
D. Crisis communication plan
Suggested answer: C

Which of the following processes is used by remote users to make a secure connection to internal resources after establishing an Internet connection?

A. Spoofing
B. Packet sniffing
C. Tunneling
D. Packet filtering
Suggested answer: C

You work as a Security Manager for Tech Perfect Inc. A number of people are involved with you in the DRP efforts. You have maintained several different types of plan documents, intended for different audiences. Which of the following documents will be useful for you as well as public relations personnel who require a non-technical perspective on the entire organization's disaster recovery efforts?

A. Technical guide
B. Executive summary
C. Checklist
D. Department-specific plan
Suggested answer: B
Total 237 questions